Latest News Details

Cyber security experts in Qatar and the region have advised caution and not to access any emails or other information from unknown sources, following the recent wave of cyber attacks across the world.

Qatar National Information Security Centre (Q-cert) at the Ministry of Transport and Communications has issued a directive suggesting “All entities and institutions in Qatar should be aware of a ransomware malware, which has hit over 99 countries in the last two days and is set to continue proliferating.”

The Qcert statement said, “A number of proactive steps were adopted, and a team of specialists at the centre is on alert to contain or eradicate any reported infections by the malware. Q-Cert provides nationwide cyber security response services and they can be reached by e-mail: incidents@qcert.org or Qcert hotline: 44933408.”

Speaking to Gulf Times, Dr Marc Dacier, research director - Cyber Security at Qatar Computing Research Institute under Hamad Bin Khalifa University said, "A new worm that breaks into Windows machines is spreading. Microsoft has published a patch - everyone should update their machines immediately. Services using shared servers should not be exposed to the Internet. Desktop firewalls should be used by everyone, together with professional anti-virus products.”

“The ransomware infects victims by exploiting a Microsoft Windows vulnerability. Once inside the system, the attackers install a rootkit, which enables them to download the software to encrypt the data. A request for $600 in Bitcoin is displayed along with the wallet – and the ransom demand increases over time,” explained Saad.

“Kaspersky Lab experts are currently trying to determine whether it is possible to decrypt data locked in the attack – with the aim of developing a decryption tool as soon as possible,” added Saad.

"The latest ransomware attack, namely wannacry, is a classical worm spreading by scanning IP addresses for machines that can be remotely attacked. If there are machines in Qatar that are vulnerable and if they are scanned, they will likely be compromised. Hadn’t the worm be stopped in its expansion by the activation of a “kill switch” by a security researcher, it is reasonable to assume that some machines in Qatar would have been compromised, just like in the rest of the world," explained Dr Dacier.

"The worm appears to be contained for the time being but little effort would be required from the attacker to launch an updated version to contaminate the vulnerable machines that haven’t been infected yet," the official cautioned.
"Every company should have a security policy in place to enforce timely deployment of patches, to make sure that every machine facing the Internet is protected by a firewall. All machines within the corporate network are also to be protected by a desktop firewall and every machine should run an up to date anti-virus system, and that intrusion detection systems are in place inside and outside the perimeter of the enterprise. These are some of the most basic security best practices," he suggested.

Extreme weather events put the most vulnerable communities at high risk. How can data analytics strengthen early warning systems and and support relief efforts for communities in need? The size and ...

Scientists from the Qatar Computing Research Institute have developed a new algorithm that can identify driver genes of several types of gliomas, the most common and aggressive forms of primary brain...

Results From Joint Research Efforts To Bring Benefits To Local Residents Doha, 28 October 2014: Qatar Computing Research Institute (QCRI) and the Qatar Mobility Innovations Center (QMIC) have signed...